<%@ LANGUAGE="VBSCRIPT" %>
<%'  ------------------------------------------------------------
  '  mz_secupdate.asp 
  '  ------------------------------------------------------------
  '  VCS INFO:
  '  
  '  $Revision:   1.11  $
  '  $Date:   08 Oct 1998 16:05:20  $
  '  $Author:   rurman  $
  '  $Workfile:   mz_secupdate.asp  $
  '  ------------------------------------------------------------
  '  All Rights Reserved.  Copyright (c) 1988-1998 FileNET Corp.
  '  ------------------------------------------------------------
  '%>
<!-- #include file="islogon.asp" -->

<%
DebugFlag = 0

ObjType = CInt(Request.Form("Type"))
Ident = Request.Form("Ident")

' ObjType = CInt(Request.QueryString("Type"))
' Ident = Request.QueryString("Ident")

Update = Request.Form("UpdateFlag")
if Request.Form("ShowHints") = "on" then
    Session("ShowHints") = 1
else
    Session("ShowHints") = 0
end if

'Panagon IDM Web application uses the Session variable LibraryLogonID to keep track of
'whether the user has logged on.
'Please see logoncall.asp to see how the Session variable LibraryLogonID is set.
LibraryLogonID = Session("LibraryLogonID")
Username = Session("Username")
set LibraryObj = Server.CreateObject("IDMObjects.Library")
LibraryObj.LogonID = LibraryLogonID

On Error Resume Next
set FObj = LibraryObj.GetObject(ObjType, Ident)
if Len(Err.Description) then
    Response.Expires = 0
    Response.Status = "404 Not Found"
    Response.ContentType = "text/plain"
    Response.Write "Object not found: "
    Response.Write Err.Description
    Response.End
end if


set Permissions = FObj.Permissions

Status = "0"
%>

<% 
if DebugFlag then %>
Security_Update <br>
<% For Each x In Request.Form %>
<%if not (Request.Form(x) = "") then %>
<!-- <INPUT TYPE=hidden name="<%= x %>" value="<%= Request.Form(x) %>"> -->
name="<%= x %>" value="<%= Request.Form(x) %>"<br>
<% end if %>
<% Next %>
<% end if %>

<%
    
    'Permissions
    'for i=1 to Permissions.Count
    '   delStr = "DELETE_"+CStr(i)
    '   set Permission = Permissions.Item(i)
    '   Permission.GranteeName = Request.Form(CStr(Permission.ID))
    '   delVal = CLng(Request.Form(delStr)
    
    
    ' remove from the current access list all the entries that come marked as DELETE
    delStr = "DELETE"
    For k=Request.Form(delStr).Count to 1 Step -1
        if not (Request.Form(delStr)(k) = "") then
%>  
    <% if DebugFlag then %>
        Delete <%=Request.Form(delStr)(k) %><br>
    <% end if %>
<%
            call Permissions.Remove(CLng(Request.Form(delStr)(k)))
        end if
    next
    'next

    ' add to the access list all entries 
    ' received as pairs ADD_USER_x=userx ACCESS_USER_X=2 or
    ' ADD_GROUP_x=userx ACCESS_GROUP_X=2
    For Each xName In Request.Form
        if not (Request.Form(xName) = "") then 
            pos1 = InStr(xName, "ADD_")     
            if (pos1 = 1)then
                pos2 = pos1+4
                strId = Mid(xName, pos2)    ' USER_2
                pos3 = InStr(strId, "USER")
                if pos3 = 1 then
                    granteeType = CInt(Application("idmObjTypeUser")) ' 16
                else 
                    granteeType = CInt(Application("idmObjTypeGroup")) ' 17
                end if
                strAccessName = "ACCESS_" + StrId
                strGranteeName = Request.Form(xName)
                if not Request.Form(strAccessName)= "" then
                    lAccess =CLng(Request.Form(strAccessName))
                else lAccess = CLng(Application("idmMzAccessNone"))
                end if
                set oGrantee = LibraryObj.GetObject(granteeType, strGranteeName)
        %>
            <% if DebugFlag then %>
            Add <%=strId%>: <%= strGranteeName%>(<%=oGrantee.Name%>), <%= granteeType%>  access=<%= lAccess%><br>
            <% end if %>
        <%
                if Username <> strGranteeName or lAccess <> CLng(Application("idmMzAccessNone")) then 
                    On Error Resume Next
                    call Permissions.Add(oGrantee, lAccess)
                    if Len(Err.Description) then
                        Response.Write "Error when Modify security, add '" + strGranteeName + "': " + Err.Description + "<br>"
                    end if
                end if
            end if
        end if
    next


' if Update then
    On Error Resume Next
    FObj.Save
    if Len(Err.Description) > 0 then
        Status = "-1"
    else
        Status = "1"
    end if
' end if

Response.Redirect "seccontent.asp?Type=" + CStr(ObjType) + "&Ident=" + Ident + "&Update=" + Update + "&Status=" + Status
%>

<HTML>
<HEAD>
<META NAME="GENERATOR" Content="Microsoft Visual InterDev 1.0">
<META HTTP-EQUIV="Content-Type" content="text/html">
<TITLE>Property Update</TITLE>
</HEAD>

<body bgcolor="#FFFFFF">
<% if DebugFlag then %>
<%= ObjType %><br>
<%= Ident %><br>

<% for each p in Request.Form %>
    <%= p %> = <%= Request.Form(p) %><br>
<% next %>
<% end if %>

</BODY>
</HTML>
